From 62ba124533d0a2e404104646873ab1e41dae0223 Mon Sep 17 00:00:00 2001
From: Pierre Bastianelli <pierre.bastianelli@gov.bc.ca>
Date: Fri, 9 Jun 2023 16:39:10 -0700
Subject: [PATCH] middleware update

---
 api/main.py         | 13 ++++++------
 middleware/index.js | 49 ++++++++++++++++++++++++++++++++++++---------
 2 files changed, 46 insertions(+), 16 deletions(-)

diff --git a/api/main.py b/api/main.py
index 5c662dd..4515a97 100644
--- a/api/main.py
+++ b/api/main.py
@@ -67,14 +67,15 @@ async def root():
     return {"message": "Hello World"}
 
 @app.get("/verify_page", response_class=HTMLResponse)
-async def verify_page(request: Request, email_address: str = "missing",route_prefix: str = "", auth_provider_uuid: str = "", redirect_url="test redirect"):
+async def verify_page(request: Request, email_address: str = "missing",route_prefix: str = "", auth_provider_uuid: str = "", redirect_url="test redirect", validation_failed = ""):
+    failed_valid = True if validation_failed.lower() == 'true' else False
     return templates.TemplateResponse("verify.html",
                                       {"request": request,
                                        "email_address": email_address,
                                        "redirect_url": redirect_url,
                                        "auth_provider_uuid": auth_provider_uuid,
                                        "route_prefix": route_prefix,
-                                       "validation_failed": False})
+                                       "validation_failed": failed_valid})
 
 
 @app.get("/is_verified")
@@ -136,7 +137,7 @@ async def verify(email_address: Annotated[str, Form()],
 
         # TODO: will want to check whether email has already been verified instead of verifying again
 
-        if password_results is not None:
+        if password_results is not None and len(password_results) > 0:
             verified_email_record = session.query(VerifiedEmail)\
                 .where(VerifiedEmail.id == email_id).first()
             print('verified_email_record: {}'.format(verified_email_record))
@@ -146,13 +147,11 @@ async def verify(email_address: Annotated[str, Form()],
             session.commit()
 
             # validation succeeded
-            return RedirectResponse(urllib.parse.unquote(redirect_url))
+            return Response(status_code=200)
 
         else:
             # validation failed
-            return templates.TemplateResponse("verify.html", {"request": {},
-                                                      "email_address": email_address,
-                                                      "validation_failed": True})
+            return Response(status_code=401)
 
 
 @app.post("/create_otp/")
diff --git a/middleware/index.js b/middleware/index.js
index f0ff389..5142ce8 100644
--- a/middleware/index.js
+++ b/middleware/index.js
@@ -15,12 +15,40 @@ function getMiddleware(configuration) {
   const internalRouter = express.Router();
 
   // Handle submit form endpoint with OTP
-  internalRouter.post("/verify", (req, res, next) => {
-    console.log("Verify!");
-  });
+  internalRouter.post("/verify", async (req, res, next) => {
+    console.log(req.body);
+
+    const verifyUrl = new URL(`${config.everifyHost}/verify`);
+
+    const data = new URLSearchParams();
+    data.append("one_time_password", "3625");
+    data.append("email_address", "pbastia@gmail.com");
+    data.append(
+      "auth_provider_uuid",
+      "fd2e5c94f4da4c1393a6e03093e25a85@bceidboth"
+    );
+    data.append("redirect_url", host);
+
+    const response = await fetch(verifyUrl, {
+      method: "POST",
+      body: data,
+    });
+
+    console.log(response.status);
+
+    if (response.ok) return res.redirect(host);
+
+    // Show the user the OTP page
+    const verifyPageUrl = new URL(`${config.everifyHost}/verify_page`);
+    verifyPageUrl.searchParams.append("route_prefix", config.routePrefix);
+    verifyPageUrl.searchParams.append("email_address", req.claims.email);
+    verifyPageUrl.searchParams.append("auth_provider_uuid", req.claims.sub);
+    verifyPageUrl.searchParams.append("validation_failed", "true");
 
-  internalRouter.get("/verify_page", (req, res, next) => {
-    return "a";
+    //const verifyPageResponse = await fetch(verifyPageUrl);
+    request({
+      uri: verifyPageUrl,
+    }).pipe(res);
   });
 
   // Handle static assets for verify page
@@ -71,10 +99,13 @@ function getMiddleware(configuration) {
     verifyPageUrl.searchParams.append("email_address", req.claims.email);
     verifyPageUrl.searchParams.append("auth_provider_uuid", req.claims.sub);
 
-    //const verifyPageResponse = await fetch(verifyPageUrl);
-    request({
-      uri: verifyPageUrl,
-    }).pipe(res);
+    const verifyPageResponse = await fetch(verifyPageUrl);
+    // request({
+    //   uri: verifyPageUrl,
+    // }).pipe(res);
+    const html = await verifyPageResponse.text();
+    res.send(html);
+    res.status(201);
   });
 
   return router;